pkg-perl-maintainers team mailing list archive
-
pkg-perl-maintainers team
-
Mailing list archive
-
Message #03862
[Bug 1797386] Re: [SRU] OpenSSL 1.1.1 to 18.04 LTS
This update breaks salt-ssh 2016.11.2 (started from a different computer
that's running Debian Stretch) on Ubuntu 18.04 (running on the machine
being managed). Having Salt break from one day to the next for managing
an LTS (!) release is a rather major PITA.
Curiously enough, salt-ssh 2016.11.2 continues to work just fine on
minions running Ubuntu 19.04 which ships openssl 1.1.1b-1ubuntu2.1. So
whatever this SRU does apparently is different from how it works on
Ubuntu 19.04.
This is the error message (from salt-ssh):
=== Begin ===
Traceback (most recent call last):
File "/var/tmp/.root_bdab0e_salt/salt-call", line 15, in <module>
salt_call()
File "/var/tmp/.root_bdab0e_salt/py2/salt/scripts.py", line 374, in salt_call
import salt.cli.call
File "/var/tmp/.root_bdab0e_salt/py2/salt/cli/call.py", line 9, in <module>
import salt.cli.caller
File "/var/tmp/.root_bdab0e_salt/py2/salt/cli/caller.py", line 18, in <module>
import salt.loader
File "/var/tmp/.root_bdab0e_salt/py2/salt/loader.py", line 29, in <module>
import salt.utils.event
File "/var/tmp/.root_bdab0e_salt/py2/salt/utils/event.py", line 72, in <module>
import salt.payload
File "/var/tmp/.root_bdab0e_salt/py2/salt/payload.py", line 17, in <module>
import salt.crypt
File "/var/tmp/.root_bdab0e_salt/py2/salt/crypt.py", line 43, in <module>
import salt.utils.rsax931
File "/var/tmp/.root_bdab0e_salt/py2/salt/utils/rsax931.py", line 83, in <module>
libcrypto = _init_libcrypto()
File "/var/tmp/.root_bdab0e_salt/py2/salt/utils/rsax931.py", line 74, in _init_libcrypto
raise OSError("Failed to initialize OpenSSL library (OPENSSL_init_crypto failed)")
OSError: Failed to initialize OpenSSL library (OPENSSL_init_crypto failed)
=== End ===
I was able to narrow it down to ssl.create_default_context() (invoked by
tornado.netutil which salt-ssh imports indirectly via tornado.iostream)
causing OPENSSL_init_crypto() to return 0 (error) on Ubuntu 18.04, but 1
(success) on Ubuntu 19.04.
=== Begin Ubuntu 18.04 ===
root@bob:~# PYTHONPATH=/var/tmp/.root_bdab0e_salt/py2 python
Python 2.7.15+ (default, Nov 27 2018, 23:36:35)
[GCC 7.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import ssl
>>> _client_ssl_defaults = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
[ctypes setup for libcrypto]
>>> libcrypto.OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG |
... OPENSSL_INIT_ADD_ALL_CIPHERS |
... OPENSSL_INIT_ADD_ALL_DIGESTS, None)
0
>>>
=== End Ubuntu 18.04 ===
=== Begin Ubuntu 19.04 ===
root@bob:~# PYTHONPATH=/var/tmp/.root_bdab0e_salt/py2 python
Python 2.7.15+ (default, Nov 27 2018, 23:36:35)
[GCC 7.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import ssl
>>> _client_ssl_defaults = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
[ctypes setup for libcrypto]
>>> libcrypto.OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG |
... OPENSSL_INIT_ADD_ALL_CIPHERS |
... OPENSSL_INIT_ADD_ALL_DIGESTS, None)
1
>>>
=== End Ubuntu 19.04 ===
--
You received this bug notification because you are a member of Debian
Perl Group, which is subscribed to libwww-perl in Ubuntu.
https://bugs.launchpad.net/bugs/1797386
Title:
[SRU] OpenSSL 1.1.1 to 18.04 LTS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libwww-perl/+bug/1797386/+subscriptions
Follow ups